byt3bl33d3r / CrackMapExec

A swiss army knife for pentesting networks
BSD 2-Clause "Simplified" License

Can't use credential set from the database #739

Closed Techbrunch closed 1 year ago

Techbrunch commented 1 year ago

Describe the bug

I'm trying to use a credential set from the database as described here: https://github.com/Porchetta-Industries/CrackMapExec/wiki/Using-Credentials but I get an error: AttributeError: 'database' object has no attribute 'get_credentials'

To Reproduce

[Feb 11, 2023 - 20:07:00 (CET)] exegol-htb-resolute ~ # cmedb
cmedb (default)(smb) > creds

+Credentials---------+-----------+----------+----------+-------------+
| CredID | Admin On  | CredType  | Domain   | UserName | Password    |
+--------+-----------+-----------+----------+----------+-------------+
| 1      | 0 Host(s) | plaintext | MEGABANK |          |             |
| 2      | 0 Host(s) | plaintext | MEGABANK | melanie  | Welcome123! |
+--------+-----------+-----------+----------+----------+-------------+

cmedb (default)(smb) > exit
[Feb 11, 2023 - 20:07:16 (CET)] exegol-htb-resolute ~ # cme winrm $TARGET -id 2 -x whoami
SMB         10.129.217.23   5985   RESOLUTE         [*] Windows 10.0 Build 14393 (name:RESOLUTE) (domain:megabank.local)
HTTP        10.129.217.23   5985   RESOLUTE         [*] http://10.129.217.23:5985/wsman
Traceback (most recent call last):
  File "/root/.local/bin/crackmapexec", line 8, in <module>
    sys.exit(main())
  File "/root/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/cme/crackmapexec.py", line 257, in main
    asyncio.run(
  File "/usr/lib/python3.9/asyncio/runners.py", line 44, in run
    return loop.run_until_complete(main)
  File "/usr/lib/python3.9/asyncio/base_events.py", line 642, in run_until_complete
    return future.result()
  File "/root/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/cme/crackmapexec.py", line 105, in start_threadpool
    await asyncio.gather(*jobs)
  File "/root/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/cme/crackmapexec.py", line 69, in run_protocol
    await asyncio.wait_for(
  File "/usr/lib/python3.9/asyncio/tasks.py", line 442, in wait_for
    return await fut
  File "/usr/lib/python3.9/concurrent/futures/thread.py", line 52, in run
    result = self.fn(*self.args, **self.kwargs)
  File "/root/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/cme/protocols/winrm.py", line 33, in __init__
    connection.__init__(self, args, db, host)
  File "/root/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/cme/connection.py", line 65, in __init__
    self.proto_flow()
  File "/root/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/cme/protocols/winrm.py", line 66, in proto_flow
    if self.login():
  File "/root/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/cme/connection.py", line 170, in login
    creds = self.db.get_credentials(filterTerm=int(cred_id))
AttributeError: 'database' object has no attribute 'get_credentials'

Expected behavior

CME will automatically pull that credential from the back-end database and use it to authenticate.

Crackmapexec info

Marshall-Hallenbeck commented 1 year ago

Related to the comment I just made in #740, the winrm protocol DB isn't used. You should be able to use the smb or mssql database with credentials though, since those are actually populated and have the associated functions with them such as get_credentials().

@mpgn this can probably be merged with #740 as a general "actually use the winrm database."
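The failure mode described in the comment above, as an added example that is not CrackMapExec's own code: shared login logic calls `get_credentials()` on whichever per-protocol database object it receives, so a protocol whose database class lacks that method fails only at runtime. The names `SmbDb`, `WinrmDb`, `REQUIRED_DB_API`, `missing_db_methods` and `load_credential` are hypothetical; only `get_credentials` and its `filterTerm` argument come from the traceback.

```python
"""Interface check for per-protocol credential stores (added illustration).

All class and helper names are hypothetical; only
get_credentials(filterTerm=...) is taken from the traceback in the issue.
"""

# Methods the shared login path expects every protocol database to provide.
REQUIRED_DB_API = ("get_credentials",)


class SmbDb:
    """Stand-in for a protocol database that implements credential lookup."""

    def __init__(self, rows):
        self._rows = rows  # constructed sample rows: (id, domain, user, secret)

    def get_credentials(self, filterTerm=None):
        return [r for r in self._rows if filterTerm is None or r[0] == filterTerm]


class WinrmDb:
    """Stand-in for a protocol database that was never given the lookup API."""


def missing_db_methods(db):
    """Return the required method names that `db` does not implement."""
    return [m for m in REQUIRED_DB_API if not callable(getattr(db, m, None))]


def load_credential(db, cred_id):
    """Fetch one stored credential, failing early with a readable error."""
    missing = missing_db_methods(db)
    if missing:
        raise NotImplementedError(
            f"{type(db).__name__} lacks {', '.join(missing)}; "
            "stored credential IDs cannot be used with this protocol"
        )
    rows = db.get_credentials(filterTerm=int(cred_id))
    if not rows:
        raise LookupError(f"no credential with id {cred_id}")
    return rows[0]


if __name__ == "__main__":
    sample = [(1, "EXAMPLE", "alice", "<placeholder>")]  # constructed data
    print(load_credential(SmbDb(sample), "1"))
    print(missing_db_methods(WinrmDb()))
```

Running `missing_db_methods()` over every registered protocol database in a unit test surfaces this class of gap before a release rather than in an operator's traceback.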

Marshall-Hallenbeck commented 1 year ago

@mpgn This can be marked fixed for sponsors. There was an issue when trying to list specific creds in the cmedb for winrm (e.g. creds 1), but I fixed that in my current PR in commit 1ae3c82.

This specific functionality to use creds from the WinRM DB was fixed in my CMEDB overhaul though, which is live for sponsors.

mpgn commented 1 year ago

Hello,

Thanks for the issue, it is now fixed on the last public release of CrackMapExec https://github.com/mpgn/CrackMapExec v6.0.0

Regards,

mpgn